Eight "cmd  command lines" that must be mastered

Must master the eight "cmd command line" one, ping

It is a command to check whether the network is unobstructed or the speed of the network connection. As an administrator or hacker living on the network, the ping command is the first DOS command that must be mastered, and it uses the same principle: the machine on the network has a unique IP address, we send a packet to the destination IP address, and the other party returns a packet of the same size. According to the returned packets we can determine the existence of the target host, can initially determine the target host operating system and so on. Here's a look at some of its most common operations. First look at the help, in the DOS window type: ping/? Enter,. The Help screen shown. Here, we only have some basic useful parameters to be able to (the same below).

-T means that packets will be sent uninterrupted to the destination IP until we force it to stop. Imagine, if you use 100M broadband access, and the target IP is 56K kitten, then it will not be long, the target IP is not able to withstand so much data and dropped, hehe, an attack is so simple to achieve.

-L defines the size of the sending packet, which defaults to 32 bytes, which we can use to define the maximum to 65500 bytes. Combined with the-t parameter described above, there will be a better effect oh.

-N defines the number of times a packet is sent to the destination IP, which defaults to 3. If the network speed is slow, 3 times for us also wasted a lot of time, because now our goal is only to determine whether the target IP is present, then define it as a time.

Note that if the-t parameter is used with the-n parameter, the ping command is standard with the following parameters, such as "Ping Ip-t-n3", although the-t parameter is used, but not always ping, but only ping 3 times. In addition, the ping command does not have to PINGIP, you can directly ping the host domain name, so you can get the host's IP.

Let's give an example to illustrate the usage.

Here time=2 indicates that the time taken from sending a packet to receiving a return packet is 2 seconds, from which you can determine the size of the network connection speed. The return value from the TTL can be initially judged by the Ping host's operating system, the reason is that the "preliminary judgment" is because this value can be modified. Here ttl=32 indicates that the operating system may be win98.

(Tip: If ttl=128, the target host might be Win2000; if ttl=250, the target host might be Unix)

As for the use of ping command can quickly find LAN fault, you can quickly search the fastest QQ server, you can ping others to attack ... It's all on the people's own play.

Two, nbtstat

This command uses NetBIOS on TCP/IP to display protocol statistics and current TCP/IP connections, and you can use this command to get NetBIOS information about the remote host, such as the user name, the workgroup to which it belongs, the MAC address of the NIC, and so on. Here we need to understand a few basic parameters.

-A Use this parameter, as long as you know the name of the remote host machine, you can get its NetBIOS information (hereinafter).

-A This parameter can also get NetBIOS information from the remote host, but requires you to know its IP.

-N lists NetBIOS information for the local machine.

When the other side of the IP or machine name, you can use the nbtstat command to further get the other party's information, which adds to our invasion of the safety factor.

Three, Netstat

This is a command to view the status of the network, easy to use and powerful.

-A View all open ports of the local machine, can effectively detect and prevent Trojan Horse, can know the service of the machine and other information, 4.

Here you can see that the local machine is open with FTP service, Telnet service, mail Service, Web service and so on. Usage: netstat-a IP.

-r lists the current routing information and tells us about the gateway, subnet mask, and so on of the local machine. Usage: netstat-r IP.
Four, tracert

Track routing information and use this command to find out all the ways that data travels from the local machine to the target host, which is helpful for us to understand the network layout and structure. 5.

This shows that the data is transferred from the local machine to the 192.168.0.1 machine without any relay in the middle, indicating that the two machines are in the same LAN. Usage: Tracertip.

Five, net

This command is the most important of the network commands and must be thoroughly mastered by the use of each of its subcommands, because it is so powerful that it is simply the best hack tool Microsoft has to offer us. First let's see if it has those subcommands, type net/? Carriage 6.

Here, we focus on several common sub-commands for intrusion.

NET view

Use this command to view the remote host's shared resources. The command format is net view \ip.

NET use

The remote host of a shared resource is mapped to the site, the graphical interface for easy use, hehe. The command format is net use X:\IP\sharename. The above one indicates that the 192.168.0.5IP shared directory named Magic is mapped to the local Z-disk. The following represents and 192.168.0.7 establish ipc$ connection (net use \ip\ipc$ "password"/user: "name"),

Established ipc$ connection, hehe, you can upload files: Copy nc.exe\192.168.0.7\admin$, the local directory Nc.exe to the remote host, combined with the following to introduce the other DOS command can be implemented intrusion.

net start

Use it to start the service on the remote host. When you establish a connection with a remote host, what if you find that the service is not started and you want to take advantage of the service? Just use this command to start it. Usage: Netstart servername,9, the Telnet service was successfully started.

net stop

How do I find a service in the remote host after the intrusion? Using this command to stop is OK, usage and net start are the same.

NET user

View account-related scenarios, including creating new accounts, deleting accounts, viewing specific accounts, activating accounts, disabling accounts, and more. This is very advantageous for our invasion, and most importantly, it provides a precondition for our cloning of the account. Type Netuser without parameters to see all users, including those that have been disabled. The following are explained separately.

1,net user ABCD 1234/add, create a new account named ABCD with a password of 1234, default to the user group member.

2,net user Abcd/del, delete the user named ABCD.

3,net user Abcd/active:no, disables the user named ABCD.

4,net user Abcd/active:yes, activates the user named ABCD.

5,net user ABCD, viewing the situation of users named ABCD

net localgroup

View all information related to the user group and perform related actions. Typing netlocalgroup without parameters lists all current user groups. During the intrusion process, we generally use it to promote an account to the Administrator group account, so that we can control the entire remote host with this account. Usage: net localgroup groupname username/add.

Now we put the new user ABCD added to the Administrator group, the ABCD user is already a super administrator, hehe, you can use NETUSERABCD to see his state, and figure 10 to compare can be seen. But this is too obvious, network management a look at the user situation can leak out flaws, so this method can only deal with rookie network management, but we have to know. Now the means are to use other tools and means to clone a network management can not see the Super administrator, this is something. Interested friends can refer to the "Hacker line of Defense" in the 30th issue of the "Analytic Long account".

NET time

This command can view the current time of the remote host. If your goal is to go into a remote host, you may not be using this command. But the simple invasion succeeded, is it just a look? We need further infiltration. This even the remote host needs to know the current time, because the use of time and other means (described later) can achieve a command and program timing start, for our further intrusion lay a good foundation. Usage: NET time \ip.

VI, at

The purpose of this command is to schedule a particular command and program to be executed on a specific date or time (is it important to know nettime?). ）。 When we know the current time of the remote host, you can use this command to execute a program and command at a later time, such as 2 minutes later. Usage: attime command \computer.

Indicates that at 6:55, a computer with the name a-01 is turned on for the Telnet service (where net starttelnet is the command to turn on the Telnet service).
Seven, FTP

You should be more familiar with this order, right? There are many open FTP hosts on the network, a large part of which is anonymous, which means anyone can log in. Now if you sweep to a host that has an open FTP service (typically a 21-port machine), what if you don't use the FTP command? The following is a basic way to use the FTP command.

Start by typing the FTP carriage return at the command line with the prompt for the FTP, and you can type "help" to view assistance (any DOS command can use this method to view its help).

As you may see, how do you use so many commands? In fact, there is not so much to master a few basic is enough.

The first is the landing process, which will be used to open, directly in the FTP prompt input "Open host Ipftp port" Enter, the general port default is 21, you can not write. Then enter a valid user name and password to login, here with anonymous FTP as an example introduced.

The user name and password are FTP, and the password is not displayed. When prompted * * * * * * Loggedin, it indicates successful landing. The user is shown as anonymous because it is logged anonymously.

The next step is to introduce how to use the specific commands.

Dir is the same as the DOS command, used to view the server files, directly hit Dir Enter, you can see the file on this FTP server.

CD into a folder.

Get download file to local machine.

Put to upload files to the remote server. This depends on whether the remote FTP server has given you permission to write, if you can, hehe, how to use it is not much to say, we will freely play to it.

Delete Deletes the files on the remote FTP server. This must also ensure that you have writable permissions.

Bye exits the current connection.

Quit ditto.
　　

Eight, Telnet

Powerful remote login command, almost all intruders like to use it, always tried. Why? It is easy to operate, just like using your own machine, as long as you are familiar with DOS commands, you can use it to do everything you want to do after you have successfully connected the remote machine as a administrator. Here's how to use it, first type Telnet carriage return, and then type help to view its helpful information.

Then at the prompt type open IP Enter, then there is a login window, let you enter a valid user name and password, here to enter any password is not displayed.

When you enter the user name and password are correct after the successful establishment of the Telnet connection, this time you on the remote host with the same permissions as this user, the use of DOS commands to achieve what you want to do. Here I use Super admin privileges to log on.

So far, the introduction of the Network DOS command is over, the purpose of this introduction is just to give rookie network management an impression, let it know the importance of familiar with and master the Internet DOS command. In fact, and network-related DOS command is far more than these, here is just a point, hope to the vast number of novice network management help. Learn dos to be good network management has a lot of help, especially mastered a number of network DOS commands.

In addition, we should be aware that anyone who wants to enter the system, must have a legitimate user name and password (the input method is almost extinct), even if you get the account of only a small permission, you can also use it to achieve the final purpose. So resolutely eliminate the empty password, add a strong password to their account, is the best way to protect against weak password intrusion.

Finally, the most important thing is to cultivate a good sense of safety.

=========================================
Start → run → command highlights
Winver---------Check the Windows version
Wmimgmt.msc----Open Windows Management Architecture (WMI)
Wupdmgr--------Windows Update
wscript--------Windows Script Host Settings
Write----------WordPad
WINMSD---------System Information
Wiaacmgr-------Scanner and Camera Wizard
Winchat--------XP comes with LAN chat

Mem.exe--------Show Memory usage
Msconfig.exe---System Configuration Utility
Mplayer2-------Easy widnows Media Player
MSPaint--------Drawing Board
MSTSC----------Remote Desktop Connection
Mplayer2-------Media Player
Magnify--------Magnifier Utility
MMC------------Open the console
Mobsync--------Synchronization commands

DxDiag---------Checking DirectX information
DRWTSN32------System Doctor
Devmgmt.msc---Device Manager
Dfrg.msc-------Disk Defragmenter
Diskmgmt.msc---Disk Management utility
DCOMCNFG-------Open System Component Services
DdeShare-------turn on DDE sharing settings
Dvdplay--------DVD Player

net stop Messenger-----Stop messenger Service
net start Messenger----Start Messenger Service
Notepad--------Open Notepad
Nslookup Tool Wizard for-------Network management
ntbackup-------system backup and restore
Narrator-------Screen Narrator
Ntmsmgr.msc----Mobile Storage Manager
Ntmsoprq.msc---Mobile Storage Administrator action Request
Netstat-an----(TC) command Check interface

Syncapp--------Create a Briefcase
Sysedit--------System Configuration Editor
Sigverif-------File Signature Validator
SNDREC32-------Recorder
SHRPUBW--------Create a shared folder
Secpol.msc-----Local Security Policy
SYSKEY---------System encryption, once encrypted can not be solved, protect the Windows XP system dual Password
Services.msc---Local Service settings
SNDVOL32-------Volume Control program
Sfc.exe--------System File Checker
Sfc/scannow---Windows File Protection

TSSHUTDN-------60-second Countdown shutdown command
Tourstart------XP profile (roaming XP programs that appear after installation is complete)
Taskmgr--------Task Manager

EVENTVWR-------Event Viewer
Eudcedit-------Character-font procedure
Explorer-------Open Resource Manager


Packager-------Object Wrapping Program
PERFMON.MSC----Computer Performance monitoring Program
ProgMan--------Program Manager

Regedit.exe----Registration Form
Rsop.msc-------Group Policy result set
Regedt32-------Registry Editor
Rononce-p----15-second shutdown
regsvr32/u *.dll----Stop DLL file to run
regsvr32/u zipfldr.dll------Cancel Zip support

Cmd.exe--------cmd command prompt
Chkdsk.exe-----CHKDSK disk Check
Certmgr.msc----Certificate Management Utility
Calc-----------Start Calculator
Charmap--------Start character mapping table
CLICONFG-------SQL SERVER Client Network Utility
CLIPBRD--------Clipboard Viewer
Conf-----------start NetMeeting
Compmgmt.msc---Computer Management
cleanmgr-------Waste Finishing
CIADV.MSC------Indexing Service Program

OSK------------Open the On-screen keyboard
ODBCAD32-------ODBC data Source Manager
oobe/msoobe/a----Check if XP is active
Lusrmgr.msc----native Users and Groups
Logoff---------Logoff command


IExpress-------Trojan Bundle tool, System comes with

Nslookup-------IP Address detector

Fsmgmt.msc-----shared Folder Manager

Utilman--------Utility Manager

Gpedit.msc-----Group Policy

ForBy: Wen JingliangArticle Source: http://wenjl520.cnblogs.com/Orhttp://www.cnblogs.com/

Eight cmd  command lines that must be mastered